IN THE CLAIMS : 

Please AMEND claims 1, 7, 10-1 1 and 13 as follows. 
Please ADD new claims 14-20 as shown below. 

1. (Currently Amended) A system , comprising: for remotely and transparently 
managing s e curity associations of int e rn e t protocol s e curity, th e syst e m comprising: 
an application device; 
a service device; 

a communication network configured to connect said application device to said 
service device; 

an internet protocol security service uai^configured to provide one or more 
internet protocol security services comprising at least one of authentication services 
and encryption services, said internet protocol security service um^deployed in said 
service device; 

at least one management client configured to issue security association 
management requests to create and manage, with a session key management protocol, 
security associations for use by said provided internet protocol security services, said at 
least one management client deployed in said application device; and 

a management server configured to receive said security association management 
requests issued from said at least one management client and to respond, in connection 
with said internet protocol security service-uftit, to said security association management 
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requests received at said management server, said management server deployed in said 
service device. 

2. (Previously Presented) The system according to claim 1, wherein said 
application device further comprises an interface configured to provide communication 
between said at least one management client associated with said application device and 
said management server. 

3. (Previously Presented) The system according to claim 1, wherein said security 
association management requests comprise at least one of adding requests configured to 
add security associations, deleting requests configured to delete security associations, and 
querying requests configured to query about security associations. 

4. (Previously Presented) The system according to claim 2, wherein said interface 
is further configured to use sockets for communication with said management server. 

5. (Previously Presented) The system according to claim 2, wherein said interface 
comprises data structures used in communication between said management client and 
said management server. 
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6. (Previously Presented) The system according to claim 2, wherein said interface 
is implemented as a software library linked dynamically or statistically into a 
corresponding management client. 

7. (Currently Amended) The system according to claim 1, wherein said internet 
protocol security service tmit-and said management server are configured to use a local 
communication channel for communications between said internet protocol security 
service umtand said management server. 

8. (Previously Presented) The system according to claim 1, wherein at least one 
application device comprises two or more management clients, and wherein at least two 
of said management clients are configured to use different session key management 
protocols. 

9. (Previously Presented) The system according to claim 1, wherein said 
communication network comprises a local area network. 

10. (Currently Amended) A metho d, comprising: of remotely and transpar e ntly 
managing s e curity associations of int e rn e t protocol s e curity , th e m e thod comprising: 

providing one or more internet protocol security services comprising at least one 
of authentication services and encryption services from an internet protocol security 
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service-trait, said internet protocol security service umt-being deployed in a service 
device; 

issuing security association management requests to create and manage, with a 
session key management protocol, security associations for use by said provided internet 
protocol security services, from at least one management client, said at least one 
management client being deployed in an application device; 

receiving in a management server said security association management requests 
issued from said at least one management client; and 

responding, in connection with an internet protocol security service-trait, to said 
security association management requests received at said management server, said 
management server being deployed in said service device, 

wherein said application device is connected to said service device by a 
communication network. 

11. (Currently Amended) The method according to claim 10, wherein said issuing 
comprises communicating at least one of said security association management requests 
issued from an -said application device and corresponding responses via an interface 
associated with said application device. 

12. (Previously Presented) The method according to claim 10, wherein said 
issuing comprises issuing said security association management requests comprising at 
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least one of adding requests for adding security associations, deleting requests for 
deleting security, and querying requests for querying about security associations. 

13. (Currently Amended) A system , comprising: of remotely and transpar e ntly 
managing security associations of internet protocol security, the system comprising: 
application means; 
servicing means; 

communication means for connecting said application means with said servicing 

means; 

internet protocol security service means for providing one or more internet 
protocol security services comprising at least one of authentication services and 
encryption services, said internet protocol security service means being deployed in 
said servicing means; 

at least one management client means for issuing security association 
management requests to create and manage, with a session key management 
protocol, security associations for use by said provided internet protocol security 
services, said at least one management client means being deployed in said 
application means; and 

management server means for receiving said security association management 
requests issued from said at least one management client means and for responding, in 
connection with said internet protocol security service-urn*, to said security association 
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management requests received at said management server, said management server 
means being deployed in said servicing means. 

14. (New) An apparatus, comprising: 

at least one management client configured to issue security association 
management requests to create and manage, with a session key management protocol, 
security associations for use by an internet protocol security service; and 

an interface configured to communicate said issued security association 
management requests to a management server external to said apparatus, said 
management server configured to respond to said security association management 
requests in connection with an internet protocol security server configured to provide one 
or more internet protocol security services comprising at least one of authentication 
services and encryption services. 

15. (New) The apparatus according to claim 14, wherein said security 
association management requests comprise at least one of adding requests configured to 
add security associations, deleting requests configured to delete security associations, and 
querying requests configured to query about security associations. 

16. (New) An apparatus, comprising: 
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an internet protocol security server configured to provide one or more internet 
protocol security services comprising at least one of authentication services and 
encryption services; and 

a management server configured to receive security association management 
requests issued from at least one management client external to said apparatus and to 
respond, in connection with said internet protocol security server, to said received 
security association management requests. 

17. (New) The apparatus according to claim 16, wherein said internet protocol 
security server is configured to use a local communication channel for communications 
between said internet protocol security server and said management server. 

18. (New) A method, comprising: 

issuing security association management requests to create and manage, with a 
session key management protocol, security associations for use by internet protocol 
security services, from at least one management client deployed in an application device; 
and 

communicating at least one of said issued security association management 
requests to a management server external to said application device. 
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19. (New) The method according to claim 18, wherein said communicating 
comprises communicating at least one of said security association management requests 
issued from said application device and corresponding responses via an interface 
associated with said application device. 

20. (New) The method according to claim 18, wherein said issuing comprises 
issuing said security association management requests comprising at least one of adding 
requests for adding security associations, deleting requests for deleting security, and 
querying requests for querying about security associations. 
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